package com.wangfei.test;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

public class GetPrivatekey {
    private static KeyStore keyStore = null;
    static {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME)==null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
    public static void main(String[] args) {
        String pfxkeyfile = "C:\\Users\\zywangfei\\Desktop\\20200928\\acp_test_sign_inst.pfx";
        pfxkeyfile = "/Users/wangfei/Downloads/00010000.pfx";
        String keypwd = "000000";
        String type = "PKCS12";
        try {
            keyStore = getKeyInfo(pfxkeyfile, keypwd, type);
            Enumeration<String> aliasenum = keyStore.aliases();
            String keyAlias = null;
            if (aliasenum.hasMoreElements()) {
                keyAlias = aliasenum.nextElement();
            }
            System.out.println(keyAlias);
            System.out.println(getSignCertId());
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e) {
            e.printStackTrace();
        }
        System.out.println(getSignCertId());
    }


    /**
     * 将签名私钥证书文件读取为证书存储对象
     *
     * @param pfxkeyfile
     *            证书文件名
     * @param keypwd
     *            证书密码
     * @param type
     *            证书类型
     * @return 证书对象
     * @throws IOException
     */
    private static KeyStore getKeyInfo(String pfxkeyfile, String keypwd,
                                       String type) throws IOException {
//        LogUtil.writeLog("加载签名证书==>" + pfxkeyfile);
        FileInputStream fis = null;
        try {
            KeyStore ks = KeyStore.getInstance(type, "BC");
//            LogUtil.writeLog("Load RSA CertPath=[" + pfxkeyfile + "],Pwd=["+ keypwd + "],type=["+type+"]");
            fis = new FileInputStream(pfxkeyfile);
            char[] nPassword = null;
            nPassword = null == keypwd || "".equals(keypwd.trim()) ? null: keypwd.toCharArray();
            if (null != ks) {
                ks.load(fis, nPassword);
            }
            return ks;
        } catch (Exception e) {
//            LogUtil.writeErrorLog("getKeyInfo Error", e);
            e.printStackTrace();
            return null;
        } finally {
            if(null!=fis) {
                fis.close();
            }
        }
    }

    /**
     * 获取配置文件acp_sdk.properties中配置的签名私钥证书certId
     *
     * @return 证书的物理编号
     */
    public static String getSignCertId() {
        try {
            Enumeration<String> aliasenum = keyStore.aliases();
            String keyAlias = null;
            if (aliasenum.hasMoreElements()) {
                keyAlias = aliasenum.nextElement();
            }
            X509Certificate cert = (X509Certificate) keyStore
                    .getCertificate(keyAlias);
            return cert.getSerialNumber().toString();
        } catch (Exception e) {
//            LogUtil.writeErrorLog("getSignCertId Error", e);
            return null;
        }
    }

}
